Sec, blogmal! - rev-eng - psi-password

Categories:

Everything

Dezember '14

DiDiDiDiDiDiDi
1234567
891011121314
15161718192021
22232425262728
2930311234

Archive:

Flattr me:

Flattr this

Thu, 11 Aug 2005

Random ramblings about PSI, the jabber client
/This is Blog-Repost: I did this earlier than the above Date suggests :)/ [PSI]:http://psi.affinix.com/ is a nice [jabber]:http://www.jabber.org/ client which I use mostly for work and also for some private contacts. I had forgotten my jabber password, which was saved in PSI. I needed it to test another jabber client, so I wanted it back. But no, they had to make it unnecessarily hard. There is a commercial program to recover it, it is called AIMPR (Advanced IM Password Recovery) - But I dislike paying money for this. So had to spend quite some time until i found the solution. I present it here, so others don't have to spend their time. !4 How to recover your jabber password from PSI. # Search for your "config.xml" # Extract the and part from within your group # Decrypt by interpreting the password as hex 16bit-unicode, and XORing it to the jid. If you have only Ascii characters in your password, you can try this line of perl: % perl -le '($jid,$pw)=@ARGV;$pw=~s/..(..)/chr hex$1/ge; \ % print substr($pw^$jid,0,length$pw)' \ % user@jabber.server 000100020003007e This information is relevant for PSI 0.92 - The author seemed displeased with me disclosing this information, so expect the algorithm to change. Have fun. Sec P.S.: (added 2005-08-02) *WARNING*: As it stands, PSI 0.10 and newer versions will remove saving of PGP passphrases completely. This means they will delete your PGP passphrase from the config file without notice! The jabber password is still obfuscated the same way last time I checked. P.P.S.: (added 2007-03-20) There are of course [other ways]:http://www.hackerboard.de/thread.php?threadid=30746 to recover the password. But I have to say, my method is much simpler and quicker :-) P.P.P.S.: (added 2010-09-01) This still works with PSI 0.13, although the config file name has changed to %accounts.xml%
posted at: 18:28 | Category: /rev-eng | permanent link to this entry | 31 comments (trackback)
 

Your Comment
 
Name:
URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Comment:
Save my Name and URL/Email for next time
(Note that comments will be rejected unless you enter 42 in the following box: )

powered by blosxom
in 0.00 s